From fdc8b0db89d5dbf0c6454a6c757f89a3059612d7 Mon Sep 17 00:00:00 2001 From: Robin Bowes Date: Thu, 5 Sep 2024 22:06:52 +0100 Subject: [PATCH] Fix: quote all remaining occurrences of $tf_path --- hooks/_common.sh | 4 ++-- hooks/terraform_providers_lock.sh | 4 ++-- hooks/terraform_validate.sh | 8 ++++---- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/hooks/_common.sh b/hooks/_common.sh index c278c3a7a..ffe0490b5 100644 --- a/hooks/_common.sh +++ b/hooks/_common.sh @@ -536,13 +536,13 @@ function common::terraform_init { # Plugin cache dir can't be written concurrently or read during write # https://github.com/hashicorp/terraform/issues/31964 if [[ -z $TF_PLUGIN_CACHE_DIR || $parallelism_disabled == true ]]; then - init_output=$($tf_path init -backend=false "${TF_INIT_ARGS[@]}" 2>&1) + init_output=$("$tf_path" init -backend=false "${TF_INIT_ARGS[@]}" 2>&1) exit_code=$? else # Locking just doesn't work, and the below works quicker instead. Details: # https://github.com/hashicorp/terraform/issues/31964#issuecomment-1939869453 for i in {1..10}; do - init_output=$($tf_path init -backend=false "${TF_INIT_ARGS[@]}" 2>&1) + init_output=$("$tf_path" init -backend=false "${TF_INIT_ARGS[@]}" 2>&1) exit_code=$? if [ $exit_code -eq 0 ]; then diff --git a/hooks/terraform_providers_lock.sh b/hooks/terraform_providers_lock.sh index 1cecd1a02..9a4d1b624 100755 --- a/hooks/terraform_providers_lock.sh +++ b/hooks/terraform_providers_lock.sh @@ -140,7 +140,7 @@ function per_dir_hook_unique_part { common::colorify "yellow" "DEPRECATION NOTICE: We introduced '--mode' flag for this hook. Check migration instructions at https://github.com/antonbabenko/pre-commit-terraform#terraform_providers_lock " - common::terraform_init 'terraform providers lock' "$dir_path" "$parallelism_disabled" "$tf_path" || { + common::terraform_init "$tf_path providers lock" "$dir_path" "$parallelism_disabled" "$tf_path" || { exit_code=$? return $exit_code } @@ -155,7 +155,7 @@ Check migration instructions at https://github.com/antonbabenko/pre-commit-terra #? Don't require `tf init` for providers, but required `tf init` for modules #? Mitigated by `function match_validate_errors` from terraform_validate hook # pass the arguments to hook - $tf_path providers lock "${args[@]}" + "$tf_path" providers lock "${args[@]}" # return exit code to common::per_dir_hook exit_code=$? diff --git a/hooks/terraform_validate.sh b/hooks/terraform_validate.sh index e51b5c714..ad792b038 100755 --- a/hooks/terraform_validate.sh +++ b/hooks/terraform_validate.sh @@ -118,7 +118,7 @@ function per_dir_hook_unique_part { # First try `terraform validate` with the hope that all deps are # pre-installed. That is needed for cases when `.terraform/modules` # or `.terraform/providers` missed AND that is expected. - $tf_path validate "${args[@]}" &> /dev/null && { + "$tf_path" validate "${args[@]}" &> /dev/null && { exit_code=$? return $exit_code } @@ -132,11 +132,11 @@ function per_dir_hook_unique_part { if [ "$retry_once_with_cleanup" != "true" ]; then # terraform validate only - validate_output=$($tf_path validate "${args[@]}" 2>&1) + validate_output=$("$tf_path" validate "${args[@]}" 2>&1) exit_code=$? else # terraform validate, plus capture possible errors - validate_output=$($tf_path validate -json "${args[@]}" 2>&1) + validate_output=$("$tf_path" validate -json "${args[@]}" 2>&1) exit_code=$? # Match specific validation errors @@ -159,7 +159,7 @@ function per_dir_hook_unique_part { return $exit_code } - validate_output=$($tf_path validate "${args[@]}" 2>&1) + validate_output=$("$tf_path" validate "${args[@]}" 2>&1) exit_code=$? fi fi